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WHAT IS CLAIMED IS: 

1 

2 LA security policy method comprising the steps of: 

3 associating wildcarded resource identifiers with a corresponding security policy; 

4 and 

5 matching a resource identifier received in an access request to one of a list of said 

6 wildcarded resource identifiers, wherein said matching is determined in accordance with 

7 a predetermined set of precedence values, each precedence value of said set 

8 corresponding to a predetermined wildcard element. 

1 2. The method of claim 1 wherein each predetermined wildcard element comprises 

2 a regular expression element. 
3 

4 3. The method of claim 1 further comprising the step of selecting, in response to a 

5 security policy associated with a wildcarded identifier from said matching step, one of 

6 a grant of access to a requested resource corresponding to said resource identifier and a 

7 denial of access to said requested resource. 

1 4. The method of claim 1 wherein said list of said wildcarded resource identifiers 

2 comprises an ordered list of wilddcarded resource identifiers, said ordered list being 

3 ordered in accordance with said predetermined set of precedence values. 
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1 5. The method of claim 4 wherein said step of matching said resource identifier 

2 received in said access request comprises the steps of: 

3 sequentially comparing said resource identifier received in said access request 

4 with each wildcarded resource identifier in said ordered list; 

5 in response to a comparison, terminating said comparing step, returning a policy 

6 associated with a wildcarded identifier from said comparing step. 

1 6. The method of claim 4 further comprising the step of ordering a list of wildcarded 

2 resource identifiers to generate said list of ordered wildcarded resource identifiers. 

3 

4 7. The method of claim 6 wherein said step of ordering a list of wildcarded resource 

5 identifiers includes the steps of: 

6 selecting a pair of wildcarded identifiers from a list in accordance with a 

7 predetermined sorting process; 

8 sequentially selecting elements in each identifier of said pair of wildcarded 

9 identifiers; 

10 comparing a first precedence value corresponding to a first one of a selected 

11 element of said pair of wildcarded identifiers and a second precedence value 

1 2 corresponding to a second one of a selected element of said pair of wildcarded identifiers, 

13 wherein said first precedence value and said second precedence value each comprise a 

14 predetermined value from said set of precedence values; and 

1 5 if said first precedence value and said second precedence value corresponding are 

1 6 not equal, ordering said pair of wildcarded identifiers according to said first precedence 

1 7 value and said second precedence. 
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1 8. The method of claim 7 further comprising the step of returning said pair of 

2 wildcarded identifiers from said ordering step to said preselected sorting process. 

1 9. The method of claim 1 wherein said set of precedence values comprises: 

2 a first precedence value having a highest precedence corresponding to an exact character, 

3 a second precedence value having a next lower precedence from said first precedence 

4 value, corresponding to a character range; 

5 a third precedence value, having a next lower precedence from said second 

6 precedence value, corresponding to any character; 

7 a fourth precedence value, having a next lower precedence from said third 

8 precedence value, corresponding to a repeating exact character; 

9 a fifth precedence value, having a next lower precedence from said fourth 

10 precedence value, corresponding to a repeating character range; and 

11 a sixth precedence value, having a next lower precedence from said fifth 

12 precedence value, corresponding to any character string, and wherein said sixth 

13 precedence value comprises a lowest precedence value. 
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1 1 0. A security policy system comprising: 

2 circuitry operable for associating wildcarded resource identifiers with a 

3 corresponding security policy; and 

4 circuitry operable for associating wildcarded resource identifiers with a 

5 corresponding security policy matching a resource identifier received in an access request 

6 to one of a list of said wildcarded resource identifiers, wherein said matching is 

7 determined in accordance with a predetermined set of precedence values, each 

8 precedence value of said set corresponding to a predetermined wildcard element. 

1 11. The system of claim 1 0 wherein each predetermined wildcard element comprises 

2 a regular expression element. 

1 12. The system of claim 10 further comprising circuitry operable for selecting, in 

2 response to a security policy associated with a wildcarded identifier from said matching 

3 step, one of a grant of access to a requested resource corresponding to said resource 

4 identifier and a denial of access to said requested resource. 

1 13. The system of claim 1 0 wherein said list of said wildcarded resource identifiers 

2 comprises an ordered list of wildedcarded resource identifiers, said ordered list being 

3 ordered in accordance with said predetermined set of precedence values. 

1 1 4. The system of claim 1 3 wherein said circuitry operable for matching said resource 

2 identifier received in said access request comprises: 
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3 circuitry operable for sequentially comparing said resource identifier received in 

4 said access request with each wildcarded resource identifier in said ordered list; 

5 circuitry operable for, in response to a comparison, terminating said comparing 

6 step, returning a policy associated with a wildcarded identifier from said comparing step. 

1 15. The system of claim 1 3 further comprising circuitry operable for ordering a list 

2 of wildcarded resource identifiers to generate said list of ordered wildcarded resource 

3 identifiers. 

1 16. The system of claim 1 5 wherein said step of ordering a list of wildcarded resource 

2 identifiers includes: 

3 circuitry operable for selecting a pair of wildcarded identifiers from a list in 

4 accordance with a predetermined sorting process; 

5 circuitry operable for sequentially selecting elements in each identifier of said pair 

6 of wildcarded identifiers; 

7 circuitry operable for comparing a first precedence value corresponding to a first 

8 one of a selected element of said pair of wildcarded identifiers and a second precedence 

9 value corresponding to a second one of a selected element of said pair of wildcarded 

10 identifiers, wherein said first precedence value and said second precedence value each 

1 1 comprise a predetermined value from said set of precedence values; and 

12 circuitry operable for, if said first precedence value and said second precedence 

1 3 value corresponding are not equal, ordering said pair of wildcarded identifiers according 

14 to said first precedence value and said second precedence value. 
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1 17. The system of claim 16 further comprising the cicruitry operable for returning 

2 said pair of wildcarded identifiers from said ordering step to said preselected sorting 

3 process. 

1 18. The system of claim 1 0 wherein said set of precedence values comprises: 

2 a first precedence value having a highest precedence corresponding to an exact 

3 character, a second precedence value have a next lower precedence from said first 

4 precedence value, corresponding to a character range; 

5 a third precedence value, having a next lower precedence from said second 

6 precedence value, corresponding to any character; 

7 a fourth precedence value, having a next lower precedence from said third 

8 precedence value, corresponding to a repeating exact character; 

9 a fifth precedence value, having a next lower precedence from said fourth 

10 precedence value, corresponding to a repeating character range; and 

11 a sixth precedence value, having a next lower precedence from said fifth 

12 precedence value, corresponding to any character string, and wherein said sixth 

13 precedence value comprises a lowest precedence value. 
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1 19. A computer program product in a machine readable medium of expression 

2 including programming for wildcarding security policies comprising programming 

3 instructions for performing the steps of: 

4 associating wildcarded resource identifiers with a corresponding security policy; 

5 and 

6 matching a resource identifier received in an access request to one of a list of said 

7 wildcarded resource identifiers, wherein said matching is determined in accordance with 

8 a predetermined set of precedence values, each precedence value of said set 

9 corresponding to a predetermined wildcard element. 

1 20. The program product of claim 1 9 wherein each predetermined wildcard element 

2 comprises a regular expression element. 

1 21. The method of claim 19 further comprising programming instructions for 

2 performing the step of selecting, in response to a security policy associated with a 

3 wildcarded identifier from said matching step, one of a grant of access to a requested 

4 resource corresponding to said resource identifier and a denial of access to said requested 

5 resource. 

1 22. The program product of claim 19 wherein said list of said wildcarded resource 

2 identifiers comprises an ordered list of wildedcarded resource identifiers, said ordered 

3 list being ordered in accordance with said predetermined set of precedence values. 

1 23. The program product of claim 22 wherein said program of instructions for 
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2 performing the step of matching said resource identifier received in said access request 

3 comprises a program of instructions for performing the steps of: 

4 sequentially comparing said resource identifier received in said access request 

5 with each wildcarded resource identifier in said ordered list; 

6 in response to a comparison, terminating said comparing step, returning a policy 

7 associated with a wildcarded identifier from said comparing step. 

1 24. The program product of claim 22 further comprising programming instructions 

2 for performing the step of ordering a list of wildcarded resource identifiers to generate 

3 said list of ordered wildcarded resource identifiers. 

1 25. The program product of claim 24 wherein said programming instructions for 

2 performing the step of ordering a list of wildcarded resource identifiers includes 

3 programming instructions for performing the steps of: 

4 selecting a pair of wildcarded identifiers from a list in accordance with a 

5 predetermined sorting process; 

6 sequentially selecting elements in each identifier of said pair of wildcarded 

7 identifiers; 

8 comparing a first precedence value corresponding to a first one of a selected 

9 element of said pair of wildcarded identifiers and a second precedence value 

1 0 corresponding to a second one of a selected element of said pair of wildcarded identifiers, 

1 1 wherein said first precedence value and said second precedence value each comprise a 

12 predetermined value from said set of precedence values; and 

13 if said first precedence value and said second precedence value corresponding are 
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14 not equal, ordering said pair of wildcarded identifiers according to said first precedence 

15 value and said second precedence. 

1 26. The program product of claim 25 further comprising programming instructions 

2 for performing the step of returning said pair of wildcarded identifiers from said ordering 

3 step to said preselected sorting process. 

1 27. The program product of claim 19 wherein said set of precedence values 

2 comprises: 

3 a first precedence value having a highest precedence corresponding to an exact character, 

4 a second precedence value have a next lower precedence from said first precedence 

5 value, corresponding to a character range; 

6 a third precedence value, having a next lower precedence from said second 

7 precedence value, corresponding to any character; 

8 a fourth precedence value, having a next lower precedence from said third 

9 precedence value, corresponding to a repeating exact character; 

10 a fifth precedence value, having a next lower precedence from said fourth 

1 1 precedence value, corresponding to a repeating character range; and 

12 a sixth precedence value, having a next lower precedence from said fifth 

13 precedence value, corresponding to any character string, and wherein said sixth 

14 precedence value comprises a lowest precedence value. 
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1 28. A security policy method comprising the steps of: 

2 associating wildcarded resource identifiers with a corresponding security policy; 

3 and 

4 matching a resource identifier received in an access request to one of a list of said 

5 wildcarded resource identifiers, wherein said matching is determined in accordance with 

6 a predetermined set of precedence values, each precedence value of said set 

7 corresponding to a predetermined wildcard element, wherein each predetermined 

8 wildcard element comprises a regular expression element; 

9 selecting, in response to a security policy associated with a wildcarded identifier 

1 0 from said matching step, one of a grant of access to a requested resource corresponding 

11 to said resource identifier and a denial of access to said requested resource, and wherein 

1 2 said list of said wildcarded resource identifiers comprises an ordered list of wildedcarded 

13 resource identifiers, said ordered list being ordered in accordance with said 

14 predetermined set of precedence values. 
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